
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/926,460 



01/28/2002 



23364 7590 08/04/2004 

BACON & THOMAS, PLLC 
625 SLATERS LANE 
FOURTH FLOOR 
ALEXANDRIA, VA 22314 



Oliver Richter 



RICH30001/JEK 



4672 



EXAMINER 



D AGOSTA, STEPHEN M 



ART UNIT 



PAPER NUMBER 



2683 

DATE MAILED: 08/04/2004 



7 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summary 



Application No. 

09/926,460 


Applicant(s) 

RICHTER, OLIVER 


Examiner 

Stephen M. D'Agosta 


Art Unit 

2683 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)^ This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1^9 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 1^9 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 28 January 2002 is/are: a)K accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121 (d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)^ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
aM AH b)D Some * c)D None of: 

1 Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



Response to Preliminary Amendment 



The preliminary amendment is acknowledged and the claims shown below reflect 
the amendments made. 



The information disclosure statement filed 6-12-04 fails to comply with 37 CFR 
1 .98(a)(3) because it does not include a concise explanation of the relevance for DE 
19733662 (written entirely in German), as it is presently understood by the individual 
designated in 37 CFR 1 .56(c) most knowledgeable about the content of the information, 
of each patent listed that is not in the English language. It has been placed in the 
application file, but the information referred to therein has not been considered. 

Drawings 

The drawings were received on 1-28-02 and have been reviewed by the 
draftsperson and examiner. 



It is noted that this application appears to claim subject matter disclosed in prior 
Application No. EP00/04 141, filed 5-92000. A reference to the prior application must be 
inserted as the first sentence of the specification of this application or in an application 
data sheet (37 CFR 1 .76), if applicant intends to rely on the filing date of the prior 
application under 35 U.S.C. 1 1 9(e) or 1 20. See 37 CFR 1 .78(a). For benefit claims 
under 35 U.S.C. 120, the reference must include the relationship (i.e., continuation, 
divisional, or continuation-in-part) of all nonprovisional applications. Also, the current 
status of all nonprovisional parent applications referenced should be included. 



Information Disclosure Statement 



Priority 
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Art Unit: 2683 

Specification 

1 . Applicant is reminded of the proper language and format for an abstract of the 
disclosure (The words "said" and "invention" should be removed). 

The abstract should be in narrative form and generally limited to a single 
paragraph on a separate sheet within the range of 50 to 150 words. It is important that 
the abstract not exceed 1 50 words in length since the space provided for the abstract 
on the computer tape used by the printer is limited. The form and legal phraseology 
often used in patent claims, such as "means" and " said ." should be avoided. The 
abstract should describe the disclosure sufficiently to assist readers in deciding whether 
there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information 
given in the title. It should avoid using phrases which can be implied, such as, "The 
disclosure concerns," 'The disclosure defined by this invention ." "The disclosure 
describes," etc. 

The following guidelines illustrate the preferred layout for the specification of a 
utility application. These guidelines are suggested for the applicant's use. 

Arrangement of the Specification 

2. As provided in 37 CFR 1 .77(b), the specification of a utility application should 
include the following sections in order. Each of the lettered items should appear in 
upper case, without underlining or bold type, as a section heading. If no text follows the 
section heading, the phrase "Not Applicable" should follow the section heading: 

(a) TITLE OF THE INVENTION. 

(b) CROSS-REFERENCE TO RELATED APPLICATIONS. 

(c) STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR 

DEVELOPMENT. 

(d) INCORPORATION-BY-REFERENCE OF MATERIAL SUBMITTED ON A 

COMPACT DISC (See 37 CFR 1.52(e)(5) and MPEP 608.05. Computer 
program listings (37 CFR 1.96(c)), "Sequence Listings" (37 CFR 1.821(c)), 
and tables having more than 50 pages of text are permitted to be 
submitted on compact discs.) or 

REFERENCE TO A "MICROFICHE APPENDIX" (See MPEP § 608.05(a). 
"Microfiche Appendices" were accepted by the Office until March 1 , 2001 .) 

(e) BACKGROUND OF THE INVENTION. 

(1 ) Field of the Invention. 

(2) Description of Related Art including information disclosed under 37 
CFR 1.97 and 1.98. 

(f) BRIEF SUMMARY OF THE INVENTION. 

(g) BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S). 

(h) DETAILED DESCRIPTION OF THE INVENTION. 

(i) CLAIM OR CLAIMS (commencing on a separate sheet). 

(j) ABSTRACT OF THE DISCLOSURE (commencing on a separate sheet). 
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Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-4 and 7 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schroderus et al. US 5,907,804 and further in view of Kenagy et al. US 5,842,124 
(hereafter Schroderus and Kenagy). 

As per claim 1, Schroderus teaches a method for putting into operation a 
processor smart card in a network for communication, for example a GSM network 
wherein the card user must identify himself with respect to the processor smart card 
(SIM) by a PIN (title, abstract, figure 1 and C1, L48-58 teaches GSM SIM card), 
comprising the steps of: 

For execution control of its use, the processor smart card is first provided by the 
card manufacturer or card personalizer with an additional application, preferably the 
SIM Application Toolkit, which prevents its use in the network, instead allowing only 
local use by means of a card reader or card terminal, preferably a mobile phone device 
(figure 1 shows that the phone is prevented from outgoing communications unless a 
valid PIN is entered, see steps #103, #105 and #106), and 

Upon the use of the processor smart card, the application outputs without a 
further check of a secret number a display signal for the use and a request for 
confirmation (figure 1, step #102 requests a PIN code), and 

But is silent on control of its first use AND after receiving a confirmation signal 
the additional application is deactivated or its execution so changed that upon the next 
use of the card a display signal is outputted to indicate that the card has already been 
put into operation and the use of the processor smart card in the network is enabled. 
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Art Unit: 2683 

The examiner interprets Schroderus' operation in figure 1 as reading on the 
operation of putting a processor smart card into operation since both require the SIM 
card to validate a PIN number entered by the user AND both prevent normal operation 
of the phone when a valid PIN is not entered. 

Kenagy teaches a manual process whereby the user, on a first use of the phone, 
calls a service provider to obtain a temporary password which is input to gain access to 
the network (abstract, figures 1-2 and 4a, #202, #204, #206, #208, C8, L37-63). The 
examiner notes that this operation of calling the service provider is ONLY performed 
once and the phone will be so changed as to not require the "temporary password" 
upon further use which therefore reads on the claims. 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Kenagy, such a special algorithm is run during control of 
its first use AND after receiving a confirmation signal the additional application is 
deactivated or its execution so changed that upon the next use of the card a display 
signal is outputted to indicate that the card has already been put into operation and the 
use of the processor smart card in the network is enabled, to provide means for 
authenticating once such that the user does not have to perform this operation each 
time the phone is turned on (the examiner notes that many phones provide for a user- 
selectable option to require PIN authentication each time the phone is turned on for 
extra security). 



As per claim 2 Schroderus in view of Kenagy teaches claiml wherein a PIN 
number previously defined, preferably by the card manufacturer or card personalizer, 
must be inputted for activating the additional application (figure 1 teaches inputting a 
PIN code #102 which causes an application to validate said PIN and reads on activating 
the additional application). 
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As per claim 3 Schroderus in view of Kenagy teaches claim 1 or 2 but is silent 
on wherein the entry of a PIN and/or secret number (PUK) for changing or unblocking 
the PIN is requested after the first use of the card and prior to the deactivation or 
change of state of the additional application. 

Kenagy teachs inputting a temporary PIN (eg. supplied by the manufacturer or 
service provider) which will/can then be changed by the user to a more personal PIN 
number (as is well known) which reads on the claim (abstract, C1 1 , L10-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Schroderus in view of Kenagy, such that entry of a PIN 
and/or secret number (PUK) for changing or unblocking the PIN is requested after the 
first use of the card and prior to the deactivation or change of state of the additional 
application, to provide means to re-verify the PIN/PUK so that the user can change the 
password (eg. enter it once and then re-verify it - this ensures the user has entered the 
PIN twice and correctly changed it and the phone can deactivate or change state of the 
additional application). 

As per claim 4 Schroderus in view of Kenagy teaches claim 1 or 2 but is silent 
on wherein some or all PIN numbers on the card were already personalized on the 
processor SIM by the smart card manufacturer and said numbers are indicated upon 
the first use for later use on the card reader or card terminal, prefereably a mobile 
phone device. 

Kenagy teaches the manufacturer or service provider can preprogram the SIM 
with PIN numbers (C11, L10-32). 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Schroderus in view of Kenagy, such that some/all of the 
PIN numbers on the card were already personalized on the processor SIM by the smart 
card manufacturer and said numbers are indicated upon the first use for later use on the 
card reader or card terminal, prefereably a mobile phone device, to provide means for 
the manufacturer to pre-program a temporary PIN into the phone which the user verifies 
on the first use. 
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As per claim 7 Schroderus in view of Kenagy teaches claim 1 wherein the secret 
numbers to be defined at the first putting into operation are used not for the purpose of 
protecting the network application but for protecting an additional application, preferably 
a SIM application toolkit application, on the SIM card. 

Claim 5 rejected under 35 U.S.C. 103(a) as being unpatentable over Schroderus 
and Kenagy as applied to claim 1 and further in view of Hopkins US 5,757,918 
(hereafter Hopkins). 

As per claim 5 Schroderus in view of Kenagy teaches claim 1 wherein some or 
all PIN numbers on the card are set by a random-number generator built into the card 
and said numbers are indicated during the first use on the card reader or terminal, 
preferably a mobile phone device. 

Hopkins teaches A method for granting or denying access based upon the 
verification of a user and authentication of a smart card and using a random number 
generator contained within the smart card to generate a random number (see claim 1 ). 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Schroderus in view of Kenagy, such that the SIM card 
has a built-in random-number generator, so that it can generate random number PINs 
that would be used by the phone user and changed from time-to-time to increase 
security. 

Claims 6 and 8 rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schroderus and Kenagy as applied to claim 1 and further in view of Davis et al. US 
6,314,519 (hereafter Davis). 

As per claim 6 Schroderus in view of Kenagy teaches claim 1 but is silent on 
wherein some or all PIN numbers are combined for transmission to the network, 
prefereably in encrypted form via a data channel, and sent immediately or at a later time 
to a central place at the network operator or network service provider. 
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The examiner notes that this function is well known in the art - eg. computer 
systems routinely require users to change their logon passwords periodically which 
requires the user to, in essence, change the password and transmit it back to the server 
for storage in a PIN database. The password is encrypted for security. - Hence, as per 
claim 1 , Kenagy teaches changing the temporary PIN to a user-selected PIN which may 
require transmittal back to the service provider. Further to this point is Davis, whereby 
there are secured electronic (financial) transactions are based on a peer-to-peer closed 
loop system in which the sending party generates a secure transaction that comprises a 
value amount (eg. PIN) and an authentication code. In order to establish and complete 
a transaction, the requesting party inserts uses a Smart Card and enters an 
identification code. The transaction processing system authenticates the Smart Card 
(eg. via a PIN database). While Davis focuses mainly on financial transactions, one 
skilled would use the same secure operations for PIN change updates (C17, L51 to 18, 
L-16). 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Schroderus in view of Kenagy, such that wherein some 
or all PIN numbers are combined for transmission to the network, prefereably in 
encrypted form via a data channel, and sent immediately or at a later time to a central 
place at the network operator/provider, to provide means for the operator to have/store 
the latest PIN changes/updates as made by the user thus ensuring they can be 
correctly authenticated. 

As per claim 8 Schroderus in view of Kenagy teaches claim 1 but is silent on 
wherein the information on the first use of the processor smart card and on the PIN 
numbers is outputted or inputted via the hearing or speaking devices of the card reader, 
the card terminal or preferably the mobile phone device. 

Davis teaches an RF/Cellular system (figure 1) and hardware which supports a 
user selected personal identification number that is programmed into the Smart Card via 
the subscriber unit or pager, thus disabling access to any features of the protected 
Smart Card unless subsequently accessed or reprogrammed by the subscriber unit or 
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pager (C3, L10-16) AND The message entry device 1018 allows a user to initiate a cash 
load request, cash transaction, credit transaction, or the like. Typically, a user might 
enter a request using a keyboard, a voice activated recognition device, a touch- 
sensitive device (e.g., screen or pad), or other convenient data entry device (C18, L16- 
21 teaches voice recognition data input). 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Schroderus in view of Kenagy, such that information on 
the first use of the processor smart card and on the PIN numbers is outputted or 
inputted via the hearing or speaking devices of the card reader, the card terminal or 
preferably the mobile phone device, to provide means for hands-free entering of data 
(and reception of PIN data via speaker too). 

Claim 9 rejected under 35 U.S.C. 103(a) as being unpatentable over Brogan et 
al. US 6,012,634 Kenagy (hereafter Brogan). 

As per claim 9, Brogan teaches a smart card (figure 4, #400) comprising a 
microprocessor (#402), memory area (#404 and #412) and an interface each connected 
to the microprocessor (figure 4 shows all components connected to the microprocessor 
via "interfaces" as well as ports #408 and #414 - whereby the microprocessor/memory 
inherently store software programs/data that support operation of the phone and 
supporting user applications) but is silent on and further comprising a memory area 
where an application for the execution control of the first use of the smart card is stored 
and a secret memory area where data on said application are stored in protected 
fashion. 

Kenagy teaches a SIM/smart card that runs an application (on the smart card) 
the first time the phone is used to corroborate a temporary/entered PIN with a stored 
password (abstract and figure 4a, #202, #204, #206 and #208). The examiner 
interprets the "stored password" as being stored in a "protected area" of memory such 
that a user cannot access it and thus fraudulently use the phone. 

It would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to modify Brogan, such that the smart card comprises a memory 
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area where an application for the execution control of the first use of the smart card is 
stored and a secret memory area where data on said application are stored in protected 
fashion, to provide means to run an authentication program the first time the phone is 
turned on which requires a PIN to be entered that matches a stored PIN to ensure a 
person is not fraudulently using the phone. 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

1. Leskinen US 6,085,081 

2. Lee et al. US 6,367,01 1 

3. Sloan US 6,179,205 

4. Cassidy et al. US 6,480,725 

5. Messiet US 5,875,404 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Stephen M. D'Agosta whose telephone number is 703- 
306-5426. The examiner can normally be reached on M-F, 8am to 5pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Bill Trost can be reached on 703-308-5318. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Stephen D'Agosta 



Conclusion 




